Books

Cyber Attacks prevention

Cyber attackers create, use and sell malware for many different reasons. Cyber attacks from North Korea, Iran, Russia, China or any other non-state actor, take many forms but they usually seek to gain access to sensitive information. Because of this, U.S. government officials and private companies see cybersecurity as one of the most significant national security threats we face today.

One particularly aggressive technique, however, has been adopted by cyber criminals from around the world. Their goal is to attack U.S. financial institutions to steal money to fund other cyber-attacks or launch their own malicious campaigns. For example, malware infected ATMs, home computers or even your computer itself the point is to steal as much money as possible, or to try and cause a financial crisis for an entire country, like Iran.

The most common way for cyber criminals to gain access to financial institutions, money transfers or card accounts is through social engineering. If a cyber criminal approaches a company or business in an official capacity, and tries to obtain information, it is called “offline banking” or “offline contact.” An attack initiated off-line by a cyber criminal might look nothing like a traditional attack, in which the attacker uses multiple layers of social engineering tactics to gain access to victims, without exposing the attack to the company or business. Cyber criminals can also engage in aggressive online phishing campaigns to gain access to a company’s web-site or network. This type of attack can require a serious effort, with the perpetrator conducting a lot of manual effort and using a large number of different tools to open a targeted web-site or exploit a vulnerability in your system. In a phishing attack, the perpetrator first generates a victim’s expectations about their account. Once the victim visits the site, they are tricked into revealing private information they would not normally reveal online. From there, the cyber criminal tries to steal user names and passwords, then sells that information to other criminals, who can then log into users’ accounts and commit other online attacks.

Online phishing

Additionally, cyber criminals use malware known as Trojan horses. These malware-based attacks utilize malicious code that can slip past defenses, particularly security software, to take over and capture sensitive data and commands in real time. The malware, which looks and behaves like other programs, hides its presence and uses subtle user interactions to remain undetected. Trojans are typically released in emails or direct links, and the attack usually doesn’t expose itself until after the user has shared their login details on a social media site or opened an email attachment. As malware campaigns evolve and become more sophisticated, using email and social engineering attacks to enter target systems for penetration purposes, it becomes increasingly more challenging for security researchers and organizations to discover new malware attacks to understand it and learn how to fight them. Some companies, including the Office of the Director of National Intelligence, are already leveraging social engineering to identify cyber threat actors. Using social engineering to make better infosec assessments of cyber threats is one of the most effective ways to ensure that only credible threats are allowed to operate and spread.

As more cybersecurity professionals become active in the field, they are increasingly concerned about the information security threat environment they face. To address this, the White House and the U.S. Department of Homeland Security (DHS) have established a National Cybersecurity Center of Excellence (NCCE) with top-tier experts to support cybersecurity as an area of national importance. For example, DHS and its cyber

Leave a reply

Fields marked with * are required